(1) Field of the Invention
The present invention relates to the art of protecting executable programs and data against malicious analysis.
(2) Description of the Related Art
Unauthorized use of computer software through program analysis and tampering is a longstanding problem. For instance, an analyzer can execute software, which is designed to require a password to be executed, without entering the password by identifying and disabling the part of the code which checks a password. Also, software for viewing encrypted digital contents may include a cryptographic key for decryption. If the software is analyzed and the cryptographic key is identified, illegal copying of digital contents becomes possible.
In this way, malicious software analysis endangers software business and digital contents business.
To solve this problem, anti-tamper software technologies have been developed. One example of such technologies uses a complicated or redundant program so as to make the analysis with a disassembler or the like difficult (see “Non-patent Document 1”).
However, all of the above-mentioned technologies are realized as contrivances during the programming phase. That is, in the executing phase, every kind of software protected by any anti-tamper technology is being represented as lines of instruction codes, which are understandable to a CPU, and being loaded into main memory. Therefore, analyzers can refer to the codes in the memory using a debugger, and rewrite the codes to follow operations of the program. By repeating execution and analysis of a program, analyzers can fully analyze the program.
<Non-Patent Document 1>
Tomohiro Inoue, “The protect II: Introduction to program analysis”, Shuwa System Trading, March, 1987.